Mybb Merge System 1.8.7 ACP Obtain Information Vulnerability


Mybb Merge System is prone to a gain information vulnerability.This allows local or remote attackers to gain privileges via a malicious program in the affected application.


The information has been provided by patryk.
The original article can be found at:


Vulnerable Systems:
 * Mybb Merge System 1.8.7
 * Mybb 1.8.7

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name.

CVE Information:

Disclosure Timeline:
Publish Date : 2017-01-31
Last Update Date : 2017-02-05

Categories: News